As our world becomes increasingly digital, we are witness to both the exciting potential of innovation and the daunting reality of increased cybersecurity threats. SaaS platforms like Salesforce have transformed the way businesses operate, but they have also opened up new attack vectors for cybercriminals. In our ongoing quest for digital resilience, one tool stands out as essential: data encryption.
Two recent news stories paint a concerning picture about the state of cybersecurity in SaaS environments. AppOmni Labs highlighted an uptick in attacks on SaaS applications and an alarming frequency of misconfigurations. Meanwhile, KrebsonSecurity reported that many public Salesforce sites were leaking private data. These stories underscore the importance of understanding the attack vectors that SaaS platforms, such as Salesforce, can be exposed to, and how encryption can be a vital line of defense.
The stakes are high: CRM apps like Salesforce contain crucial customer data, including contact information (PII), sales figures, and marketing data. If left unprotected, such data can fall into the wrong hands, leading to severe repercussions such as identity theft, compliance breaches, financial loss, and a significant blow to a company's reputation — and in contexts like defense, critical infrastructure, and engineering, data compromise can have global consequences.
That's why it's vital to ensure the security of data not just within Salesforce, but also while it's in transit to and from the platform.
AppOmni Labs recently identified several attack vectors that cybercriminals are using to target SaaS applications such as Salesforce. These include direct attacks on user accounts, compromising API tokens, and exploiting misconfigurations in Salesforce security settings.
In terms of direct attacks, cybercriminals use various methods such as phishing or password spraying to gain access to user accounts. Once they have access, they can extract sensitive data, manipulate settings, or even lock out legitimate users.
Unfortunately, excessive permissions and over-privileged access are key vectors that are being exploited by threat actors. AppOmni highlights excessive Guest User permission sets, excessive object and field permissions, and over-privileged access to classified data as three of the top six most commonly exploited attack vectors. This requires a thorough examination of who has a business need to access what data, and for how long. (Listen to this CyberWire-X podcast conversation with Virtru’s SVP of Engineering, Dana Morris, on the importance of good data classification and tagging for more detail on this topic. We also recommend this post on attribute-based access control.)
When it comes to API tokens, attackers often aim to compromise them to gain unauthorized access to sensitive data. As these tokens are generally used to authenticate third-party applications, a compromised token can lead to the exposure of large amounts of data.
Misconfigurations, on the other hand, involve incorrect settings or errors in Salesforce security controls, which can unintentionally leave data vulnerable to theft or unauthorized access.
To safeguard this data, infosec leaders need to take a proactive and layered approach, balancing all, not just some, of the following priorities:
In light of these risks, encryption is more than just a cybersecurity best practice; it's a necessity. Data encryption transforms your sensitive data into an unreadable format, ensuring that it remains secure even if it falls into the wrong hands.
While your encryption solution should make it impossible for the wrong people to access sensitive data — it should be easy for the right people to access the data they are authorized to view. After all, businesses choose powerful apps like Salesforce to increase efficiency and speed in their operations. Your security shouldn’t counteract that efficiency — it should support it.
This is where Virtru delivers on both security and experience: Virtru Secure Share for Salesforce offers end-to-end encryption for files shared through Salesforce. It integrates directly with Salesforce so that your users don’t have to leave their existing apps and workflows to handle sensitive information. Whether the data is at rest, in transit, or shared outside the organization, Secure Share ensures it remains protected. It also gives your end users (external customers) a secure way to submit documentation like contracts, log files, and passwords for onboarding and support tickets — without the need to download any software or create any new accounts to send or receive encrypted information.
Utilizing the Trusted Data Format (TDF), Virtru Secure Share guarantees that only authorized recipients can decrypt and access the data. This means that even if attackers compromise a user account or an API token, they still can't read the encrypted data.
In addition to strong encryption, Secure Share offers persistent protection, control over data access, and the ability to revoke access to shared data. All these features combined provide an added layer of security to your Salesforce data and help mitigate the risks posed by the attack vectors highlighted above.
Ultimately, protecting customer data flowing through apps like Salesforce is a way to build trust in your brand. And doing so in a way that doesn’t compromise efficiency or productivity is the ideal. If you’re interested in adding a layer of security to protect customer data flowing in and out of SaaS apps like Salesforce and Zendesk, contact our team for a demo.
The escalating threats and vulnerabilities reported in SaaS applications like Salesforce underscore the need for robust encryption solutions. As we continue to navigate our digital landscape, adopting tools like Virtru Secure Share for Salesforce could mean the difference between maintaining the integrity of your data or becoming the next cybersecurity statistic.